Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 12 replies
  • Answers 1 answer
  • Subscribers 39 subscribers
  • Views 33968 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firefox Insecure Connection

tom greene

Hey,

I am having problems with web opening websites using Firefox. Some pc's in my network have no problem and some have problems that wont allow any google related https website to be opened with firefox. And there is no option to add an exception either. I have not installed any certificates or have never enabled https scanning since i started using the xg firewall.

A screenshot of the error is given below

 

I dont have https decryption on and i have even turned off http and ftp scanning. I dont understand why it happens on a few laptops only and works fine on others. The version of Firefox is the same on all of the laptops. 

 

I just installed the xg firewall and this started happening after i made a few custom firewall rules and a few web filter policies. 

I have even tried after disabling the web filter polices but still no luck. 

Chrome works fine. 

A few computers on the network are having problems with chrome and not firefox. so something weird is going on. 

 

1. Are there any other settings that i need to change?

2. Are there any other services that might be scanning https other than the options in the firewall rule?

3. I have made a firewall rule that blocks google udp 443 so i have that set to REJECT or should it be Drop? and is there a different rule i have to make for Firefox?

4. Do i have to make a deny rule at the bottom of all the firewall rules or is that a given default?



This thread was automatically locked due to age.
  • 0

    What version of XG are you using. Some of what describe has been fixed in 3-mr3

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to tom greene

    Hey,

    Is anyone having a similar problem like me. Any help would be appreciated. 

  • 0 in reply to tom greene

    Please someone help, i cant open many https realted websites using Firefox, It keeps giving an error Your Connection is not Secure and there is now way to add an exception.

     All https and http scanning is disabled. So, i dont know what to do. 

  • 0 in reply to tom greene

    Basically the error is showing you have a certificate error on the XG. You can import the XG certificate into your browser.

    Somewhere in one of your rules you have HTTPS scanning enabled.

    Search the forums there are detailed explanations on this subject.

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Actually i dont have https scanning enabled in any of the firewall rules. And the same rule behaves different on different pcs. ON a few pcs firefox works fine and on some pcs firefox doesnt work at all. I think i am going to try to uninstall and reinstall the Firefox and see what happens. 

  • 0 in reply to tom greene

    check which version of firefox they are using, because the newer versions 52 or later changed the rules.

    If I enable HTTPS scanning on my XG I get the same failures.

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    Hey

    I am using the latest version which is 53.02 and even after reinstalling firefox it doesnt work. Keep getting insecure connections. I deleted all the firefox data from Appdata so all previous data was not there. So there must be something in firefox thats causing this. Like the chrome bug that was recently talked about on the forums. 

    Now i am going to try a version before 52 to see if that works. 

  • 0 in reply to tom greene

    Hey,

    I just installed version 51.0.1 and it still shows an insecure connection but atleast this version lets me add an exception. so that i can atleast open and use gmail and youtube and other https related websites. Version 53.02 doesnt even give an option to add an exception. So for now i will use this, but either its firefox's fault or Sophos XG bug. 

  • 0 in reply to tom greene

    I am running 53.0 without https and I can connect, as soon as I enable https decrypt and scanning I get the error.

    The issue is with the certificate you are using and have installed on the XG and how you reference it in FF.

    XG115W - v20.0.3 MR-3 - Home

    XG on VM 8 - v21 GA

    If a post solves your question please use the 'Verify Answer' button.

Unfiltered HTML